benign buffer overflow fix (ITS#1964)

diff --git a/servers/slapd/at.c b/servers/slapd/at.c
index 238b91f68443d23c19ef5f722b5540f6db0c1a20..5b59674b5ed4a6be4fe74ee4650004bfc6305394 100644 (file)
--- a/servers/slapd/at.c
+++ b/servers/slapd/at.c
@@ -338,7 +338,6 @@ at_add(
                        ldap_memfree( at->at_syntax_oid );
                        at->at_syntax_oid = oid;
                }
-
        }
 
        if ( at->at_names && at->at_names[0] ) {

diff --git a/servers/slapd/lock.c b/servers/slapd/lock.c
index fb5c5bb7152ed1749545cadfecc5439047c85ba9..79017f23a0dc4bac923e78f995e5d112476a9d85 100644 (file)
--- a/servers/slapd/lock.c
+++ b/servers/slapd/lock.c
@@ -28,7 +28,8 @@ lock_fopen( const char *fname, const char *type, FILE **lfp )
        char    buf[MAXPATHLEN];
 
        /* open the lock file */
-       strcpy(lutil_strcopy( buf, fname ), ".lock" );
+       snprintf( buf, sizeof buf, "%s.lock", fname );
+
        if ( (*lfp = fopen( buf, "w" )) == NULL ) {
 #ifdef NEW_LOGGING
                LDAP_LOG( OPERATION, ERR, 

diff --git a/servers/slurpd/lock.c b/servers/slurpd/lock.c
index ce6fffb03102febd4d16b6a6ba0928252bd5f69d..5b707942e6a870b299673b60e6a66c3f7a6b95d7 100644 (file)
--- a/servers/slurpd/lock.c
+++ b/servers/slurpd/lock.c
@@ -47,8 +47,8 @@ lock_fopen(
        char    buf[MAXPATHLEN];
 
        /* open the lock file */
-       strcpy( buf, fname );
-       strcat( buf, ".lock" );
+       snprintf( buf, sizeof buf, "%s.lock", fname );
+
        if ( (*lfp = fopen( buf, "w" )) == NULL ) {
 #ifdef NEW_LOGGING
                LDAP_LOG ( SLURPD, ERR, "lock_fopen: "